catalyst-os 3.0.2 → 3.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.catalyst/bin/install.js +9 -0
- package/.catalyst/main/temp/temp-architecture.md +188 -0
- package/.catalyst/main/temp/temp-concerns.md +225 -0
- package/.catalyst/main/temp/temp-conventions.md +321 -0
- package/.catalyst/main/temp/temp-dashboard.html +380 -0
- package/.catalyst/main/temp/temp-mission.md +65 -0
- package/.catalyst/main/temp/temp-roadmap.md +166 -0
- package/.catalyst/main/temp/temp-tech-stack.md +165 -0
- package/.claude/agents/curator.md +1 -1
- package/.claude/commands/plan-project.md +75 -0
- package/.claude/skills/build-orchestration/SKILL.md +4 -0
- package/.claude/skills/project-initialization/SKILL.md +10 -1
- package/.claude/skills/project-sync/SKILL.md +13 -4
- package/.claude/skills/spec-approval/SKILL.md +4 -0
- package/.claude/skills/spec-archival/SKILL.md +4 -0
- package/.claude/skills/spec-lifecycle-board/SKILL.md +73 -0
- package/.claude/skills/spec-shaping/SKILL.md +4 -0
- package/.claude/skills/spec-validation/SKILL.md +4 -0
- package/.claude/skills/using-skills/SKILL.md +1 -0
- package/README.md +26 -1
- package/package.json +2 -1
- package/.claude/commands/roadmap.md +0 -69
package/.catalyst/bin/install.js
CHANGED
|
@@ -154,6 +154,15 @@ function install() {
|
|
|
154
154
|
console.log(` ${green}✓${reset} Installed .catalyst/spec-structure.yaml`);
|
|
155
155
|
}
|
|
156
156
|
|
|
157
|
+
// Framework-owned document templates (roadmap, dashboard, mission, etc.):
|
|
158
|
+
// always refresh — the commands read these to generate .catalyst/main docs.
|
|
159
|
+
const tempSrc = path.join(src, '.catalyst', 'main', 'temp');
|
|
160
|
+
const tempDest = path.join(catalystDir, 'main', 'temp');
|
|
161
|
+
if (fs.existsSync(tempSrc)) {
|
|
162
|
+
copyDir(tempSrc, tempDest);
|
|
163
|
+
console.log(` ${green}✓${reset} Installed .catalyst/main/temp/ (doc templates)`);
|
|
164
|
+
}
|
|
165
|
+
|
|
157
166
|
// User-owned config: create ONLY if missing — never clobber a customized
|
|
158
167
|
// project-config.yaml (branch settings, voice.language, agent_id, etc.) on update.
|
|
159
168
|
const pcDest = path.join(cwd, '.catalyst/main/project-config.yaml');
|
|
@@ -0,0 +1,188 @@
|
|
|
1
|
+
# Architecture
|
|
2
|
+
|
|
3
|
+
> Analysis Date: YYYY-MM-DD
|
|
4
|
+
> Update when: Major architectural changes, new patterns introduced
|
|
5
|
+
|
|
6
|
+
## Overview
|
|
7
|
+
|
|
8
|
+
Brief description of the system architecture (2-3 sentences).
|
|
9
|
+
|
|
10
|
+
---
|
|
11
|
+
|
|
12
|
+
## Conceptual Layers
|
|
13
|
+
|
|
14
|
+
```
|
|
15
|
+
┌─────────────────────────────────────┐
|
|
16
|
+
│ Presentation │ ← UI, API routes
|
|
17
|
+
├─────────────────────────────────────┤
|
|
18
|
+
│ Application │ ← Use cases, orchestration
|
|
19
|
+
├─────────────────────────────────────┤
|
|
20
|
+
│ Domain │ ← Business logic, entities
|
|
21
|
+
├─────────────────────────────────────┤
|
|
22
|
+
│ Infrastructure │ ← DB, external services
|
|
23
|
+
└─────────────────────────────────────┘
|
|
24
|
+
```
|
|
25
|
+
|
|
26
|
+
| Layer | Location | Responsibility |
|
|
27
|
+
|-------|----------|----------------|
|
|
28
|
+
| Presentation | `src/app/`, `src/api/` | HTTP handlers, UI components |
|
|
29
|
+
| Application | `src/services/` | Use case orchestration |
|
|
30
|
+
| Domain | `src/domain/`, `src/types/` | Business rules, entities |
|
|
31
|
+
| Infrastructure | `src/lib/`, `src/db/` | External integrations |
|
|
32
|
+
|
|
33
|
+
---
|
|
34
|
+
|
|
35
|
+
## Data Flow
|
|
36
|
+
|
|
37
|
+
### Request Lifecycle
|
|
38
|
+
|
|
39
|
+
```
|
|
40
|
+
HTTP Request
|
|
41
|
+
↓
|
|
42
|
+
Route Handler (`src/api/[route]/route.ts`)
|
|
43
|
+
↓
|
|
44
|
+
Middleware (auth, validation)
|
|
45
|
+
↓
|
|
46
|
+
Service (`src/services/*.ts`)
|
|
47
|
+
↓
|
|
48
|
+
Repository (`src/db/*.ts`)
|
|
49
|
+
↓
|
|
50
|
+
Database
|
|
51
|
+
↓
|
|
52
|
+
Response transformation
|
|
53
|
+
↓
|
|
54
|
+
HTTP Response
|
|
55
|
+
```
|
|
56
|
+
|
|
57
|
+
### State Management (Frontend)
|
|
58
|
+
|
|
59
|
+
| State Type | Solution | Location |
|
|
60
|
+
|------------|----------|----------|
|
|
61
|
+
| Server state | React Query / SWR | `src/hooks/queries/` |
|
|
62
|
+
| Client state | Zustand / Context | `src/stores/` |
|
|
63
|
+
| Form state | React Hook Form | Component-level |
|
|
64
|
+
| URL state | Next.js router | `searchParams` |
|
|
65
|
+
|
|
66
|
+
---
|
|
67
|
+
|
|
68
|
+
## Key Patterns
|
|
69
|
+
|
|
70
|
+
### Pattern: Repository
|
|
71
|
+
|
|
72
|
+
**Purpose**: Abstract database access
|
|
73
|
+
**Location**: `src/db/repositories/`
|
|
74
|
+
|
|
75
|
+
```typescript
|
|
76
|
+
// Example: src/db/repositories/user.ts
|
|
77
|
+
export const userRepository = {
|
|
78
|
+
findById: (id: string) => db.user.findUnique({ where: { id } }),
|
|
79
|
+
create: (data: CreateUserInput) => db.user.create({ data }),
|
|
80
|
+
};
|
|
81
|
+
```
|
|
82
|
+
|
|
83
|
+
### Pattern: Service Layer
|
|
84
|
+
|
|
85
|
+
**Purpose**: Business logic orchestration
|
|
86
|
+
**Location**: `src/services/`
|
|
87
|
+
|
|
88
|
+
```typescript
|
|
89
|
+
// Example: src/services/auth.ts
|
|
90
|
+
export async function login(email: string, password: string) {
|
|
91
|
+
const user = await userRepository.findByEmail(email);
|
|
92
|
+
if (!user || !verifyPassword(password, user.passwordHash)) {
|
|
93
|
+
throw new AuthError('Invalid credentials');
|
|
94
|
+
}
|
|
95
|
+
return generateTokens(user);
|
|
96
|
+
}
|
|
97
|
+
```
|
|
98
|
+
|
|
99
|
+
### Pattern: [Add more patterns found]
|
|
100
|
+
|
|
101
|
+
---
|
|
102
|
+
|
|
103
|
+
## Entry Points
|
|
104
|
+
|
|
105
|
+
### HTTP API
|
|
106
|
+
|
|
107
|
+
| Entry Point | Location | Purpose |
|
|
108
|
+
|-------------|----------|---------|
|
|
109
|
+
| REST API | `src/app/api/` | Main API routes |
|
|
110
|
+
| Webhooks | `src/app/api/webhooks/` | External service callbacks |
|
|
111
|
+
|
|
112
|
+
### Background Jobs
|
|
113
|
+
|
|
114
|
+
| Entry Point | Location | Purpose |
|
|
115
|
+
|-------------|----------|---------|
|
|
116
|
+
| Cron jobs | `src/jobs/` | Scheduled tasks |
|
|
117
|
+
| Queue workers | `src/workers/` | Async processing |
|
|
118
|
+
|
|
119
|
+
### CLI
|
|
120
|
+
|
|
121
|
+
| Entry Point | Location | Purpose |
|
|
122
|
+
|-------------|----------|---------|
|
|
123
|
+
| Scripts | `scripts/` | Dev/admin utilities |
|
|
124
|
+
|
|
125
|
+
---
|
|
126
|
+
|
|
127
|
+
## Cross-Cutting Concerns
|
|
128
|
+
|
|
129
|
+
### Authentication
|
|
130
|
+
|
|
131
|
+
```
|
|
132
|
+
Request → Auth Middleware → Verify JWT → Attach user to context → Handler
|
|
133
|
+
```
|
|
134
|
+
|
|
135
|
+
- **Implementation**: `src/middleware/auth.ts`
|
|
136
|
+
- **Token storage**: httpOnly cookies
|
|
137
|
+
- **Session management**: JWT with refresh tokens
|
|
138
|
+
|
|
139
|
+
### Error Handling
|
|
140
|
+
|
|
141
|
+
```
|
|
142
|
+
Error thrown → Error boundary/middleware → Log → Format response → Client
|
|
143
|
+
```
|
|
144
|
+
|
|
145
|
+
- **Error types**: `src/lib/errors.ts`
|
|
146
|
+
- **Error middleware**: `src/middleware/error.ts`
|
|
147
|
+
- **Client format**: `{ error: { code, message, details? } }`
|
|
148
|
+
|
|
149
|
+
### Logging
|
|
150
|
+
|
|
151
|
+
- **Library**: [pino / winston / console]
|
|
152
|
+
- **Format**: JSON structured logs
|
|
153
|
+
- **Levels**: error, warn, info, debug
|
|
154
|
+
- **Location**: `src/lib/logger.ts`
|
|
155
|
+
|
|
156
|
+
---
|
|
157
|
+
|
|
158
|
+
## Key Files Reference
|
|
159
|
+
|
|
160
|
+
| Purpose | File |
|
|
161
|
+
|---------|------|
|
|
162
|
+
| Database client | `src/lib/db.ts` |
|
|
163
|
+
| Auth middleware | `src/middleware/auth.ts` |
|
|
164
|
+
| API error handler | `src/middleware/error.ts` |
|
|
165
|
+
| Type definitions | `src/types/index.ts` |
|
|
166
|
+
| Environment config | `src/lib/env.ts` |
|
|
167
|
+
|
|
168
|
+
---
|
|
169
|
+
|
|
170
|
+
## Diagrams
|
|
171
|
+
|
|
172
|
+
### System Context (if applicable)
|
|
173
|
+
|
|
174
|
+
```
|
|
175
|
+
┌──────────┐ ┌──────────┐ ┌──────────┐
|
|
176
|
+
│ Client │────▶│ API │────▶│ DB │
|
|
177
|
+
└──────────┘ └──────────┘ └──────────┘
|
|
178
|
+
│
|
|
179
|
+
▼
|
|
180
|
+
┌──────────┐
|
|
181
|
+
│ External │
|
|
182
|
+
│ Services │
|
|
183
|
+
└──────────┘
|
|
184
|
+
```
|
|
185
|
+
|
|
186
|
+
---
|
|
187
|
+
|
|
188
|
+
*Last updated: YYYY-MM-DD*
|
|
@@ -0,0 +1,225 @@
|
|
|
1
|
+
# Concerns
|
|
2
|
+
|
|
3
|
+
> Analysis Date: YYYY-MM-DD
|
|
4
|
+
> Update when: Issues fixed, new concerns discovered
|
|
5
|
+
|
|
6
|
+
## Summary
|
|
7
|
+
|
|
8
|
+
| Severity | Count | Status |
|
|
9
|
+
|----------|-------|--------|
|
|
10
|
+
| Critical | 0 | - |
|
|
11
|
+
| High | 0 | - |
|
|
12
|
+
| Medium | 0 | - |
|
|
13
|
+
| Low | 0 | - |
|
|
14
|
+
|
|
15
|
+
---
|
|
16
|
+
|
|
17
|
+
## Critical Issues
|
|
18
|
+
|
|
19
|
+
Issues that could cause data loss, security breaches, or system failures.
|
|
20
|
+
|
|
21
|
+
### [CRIT-001] Issue Title
|
|
22
|
+
|
|
23
|
+
**Location**: `src/path/to/file.ts:123`
|
|
24
|
+
**Severity**: Critical
|
|
25
|
+
**Type**: Security / Data Loss / System Failure
|
|
26
|
+
|
|
27
|
+
**Description**:
|
|
28
|
+
What the issue is and why it's critical.
|
|
29
|
+
|
|
30
|
+
**Evidence**:
|
|
31
|
+
```typescript
|
|
32
|
+
// Code snippet showing the issue
|
|
33
|
+
```
|
|
34
|
+
|
|
35
|
+
**Impact**:
|
|
36
|
+
What could happen if not addressed.
|
|
37
|
+
|
|
38
|
+
**Recommended Fix**:
|
|
39
|
+
How to resolve the issue.
|
|
40
|
+
|
|
41
|
+
**Safe Modification**: No - requires careful migration
|
|
42
|
+
|
|
43
|
+
---
|
|
44
|
+
|
|
45
|
+
## High Priority
|
|
46
|
+
|
|
47
|
+
Issues that affect functionality or could become critical.
|
|
48
|
+
|
|
49
|
+
### [HIGH-001] Issue Title
|
|
50
|
+
|
|
51
|
+
**Location**: `src/path/to/file.ts:45`
|
|
52
|
+
**Severity**: High
|
|
53
|
+
**Type**: Bug / Performance / Tech Debt
|
|
54
|
+
|
|
55
|
+
**Description**:
|
|
56
|
+
Clear description of the issue.
|
|
57
|
+
|
|
58
|
+
**Evidence**:
|
|
59
|
+
```typescript
|
|
60
|
+
// Code snippet or metrics
|
|
61
|
+
```
|
|
62
|
+
|
|
63
|
+
**Impact**:
|
|
64
|
+
How this affects users or system.
|
|
65
|
+
|
|
66
|
+
**Recommended Fix**:
|
|
67
|
+
Steps to resolve.
|
|
68
|
+
|
|
69
|
+
**Safe Modification**: Yes - isolated change
|
|
70
|
+
|
|
71
|
+
---
|
|
72
|
+
|
|
73
|
+
## Medium Priority
|
|
74
|
+
|
|
75
|
+
Issues that should be addressed but aren't urgent.
|
|
76
|
+
|
|
77
|
+
### [MED-001] N+1 Query in User List
|
|
78
|
+
|
|
79
|
+
**Location**: `src/api/users/route.ts:34`
|
|
80
|
+
**Severity**: Medium
|
|
81
|
+
**Type**: Performance
|
|
82
|
+
|
|
83
|
+
**Description**:
|
|
84
|
+
User list endpoint loads related data in a loop instead of using a join.
|
|
85
|
+
|
|
86
|
+
**Evidence**:
|
|
87
|
+
```typescript
|
|
88
|
+
// Current: N+1 queries
|
|
89
|
+
const users = await db.user.findMany();
|
|
90
|
+
for (const user of users) {
|
|
91
|
+
user.profile = await db.profile.findUnique({ where: { userId: user.id } });
|
|
92
|
+
}
|
|
93
|
+
|
|
94
|
+
// Should be: Single query with include
|
|
95
|
+
const users = await db.user.findMany({
|
|
96
|
+
include: { profile: true }
|
|
97
|
+
});
|
|
98
|
+
```
|
|
99
|
+
|
|
100
|
+
**Impact**:
|
|
101
|
+
~50ms per user → 5s for 100 users
|
|
102
|
+
|
|
103
|
+
**Recommended Fix**:
|
|
104
|
+
Use Prisma `include` for eager loading.
|
|
105
|
+
|
|
106
|
+
**Safe Modification**: Yes - same result, better performance
|
|
107
|
+
|
|
108
|
+
---
|
|
109
|
+
|
|
110
|
+
## Low Priority
|
|
111
|
+
|
|
112
|
+
Nice-to-fix items, minor tech debt.
|
|
113
|
+
|
|
114
|
+
### [LOW-001] Issue Title
|
|
115
|
+
|
|
116
|
+
**Location**: `src/path/to/file.ts`
|
|
117
|
+
**Severity**: Low
|
|
118
|
+
**Type**: Tech Debt / Code Quality
|
|
119
|
+
|
|
120
|
+
**Description**:
|
|
121
|
+
Brief description.
|
|
122
|
+
|
|
123
|
+
**Recommended Fix**:
|
|
124
|
+
What to do when time permits.
|
|
125
|
+
|
|
126
|
+
---
|
|
127
|
+
|
|
128
|
+
## Tech Debt Inventory
|
|
129
|
+
|
|
130
|
+
Accumulated shortcuts and workarounds.
|
|
131
|
+
|
|
132
|
+
| ID | Location | Description | Added | Effort |
|
|
133
|
+
|----|----------|-------------|-------|--------|
|
|
134
|
+
| TD-001 | `src/lib/legacy.ts` | Old auth system still in use | 2024-06 | High |
|
|
135
|
+
| TD-002 | `src/utils/helpers.ts` | Duplicate utility functions | 2024-08 | Low |
|
|
136
|
+
|
|
137
|
+
---
|
|
138
|
+
|
|
139
|
+
## Fragile Areas
|
|
140
|
+
|
|
141
|
+
Code sections that break easily or have poor test coverage.
|
|
142
|
+
|
|
143
|
+
### `src/services/payment.ts`
|
|
144
|
+
|
|
145
|
+
**Why Fragile**:
|
|
146
|
+
- Complex state machine with many edge cases
|
|
147
|
+
- External API dependency with inconsistent responses
|
|
148
|
+
- Only 40% test coverage
|
|
149
|
+
|
|
150
|
+
**Safe Modification Guide**:
|
|
151
|
+
1. Always test with sandbox API
|
|
152
|
+
2. Check all state transitions
|
|
153
|
+
3. Verify webhook handling
|
|
154
|
+
|
|
155
|
+
**Recent Breakages**:
|
|
156
|
+
- 2024-12-01: Webhook signature validation failed after API update
|
|
157
|
+
- 2024-11-15: Race condition in concurrent payments
|
|
158
|
+
|
|
159
|
+
---
|
|
160
|
+
|
|
161
|
+
## Known Bugs
|
|
162
|
+
|
|
163
|
+
Documented issues not yet fixed.
|
|
164
|
+
|
|
165
|
+
| ID | Description | Location | Workaround | Priority |
|
|
166
|
+
|----|-------------|----------|------------|----------|
|
|
167
|
+
| BUG-001 | Login redirect fails on Safari | `src/lib/auth.ts` | Use Chrome | Medium |
|
|
168
|
+
| BUG-002 | Date picker shows wrong timezone | `src/components/DatePicker.tsx` | Manual adjustment | Low |
|
|
169
|
+
|
|
170
|
+
---
|
|
171
|
+
|
|
172
|
+
## Security Notes
|
|
173
|
+
|
|
174
|
+
Security-related observations (no secrets!).
|
|
175
|
+
|
|
176
|
+
| Area | Status | Notes |
|
|
177
|
+
|------|--------|-------|
|
|
178
|
+
| Input validation | Partial | Missing on admin endpoints |
|
|
179
|
+
| Auth | Good | JWT with refresh tokens |
|
|
180
|
+
| CORS | Good | Configured for known origins |
|
|
181
|
+
| Rate limiting | Missing | Needed on public endpoints |
|
|
182
|
+
| Secrets management | Good | Using environment variables |
|
|
183
|
+
|
|
184
|
+
**Action Items**:
|
|
185
|
+
- [ ] Add validation middleware to admin routes
|
|
186
|
+
- [ ] Implement rate limiting on `/api/auth/*`
|
|
187
|
+
|
|
188
|
+
---
|
|
189
|
+
|
|
190
|
+
## Flaky Tests
|
|
191
|
+
|
|
192
|
+
Tests that fail intermittently.
|
|
193
|
+
|
|
194
|
+
| Test | Location | Failure Rate | Cause |
|
|
195
|
+
|------|----------|--------------|-------|
|
|
196
|
+
| `should handle concurrent requests` | `tests/api/users.test.ts:45` | ~10% | Race condition in mock |
|
|
197
|
+
| `should timeout after 5s` | `tests/services/external.test.ts:78` | ~5% | CI timing variations |
|
|
198
|
+
|
|
199
|
+
---
|
|
200
|
+
|
|
201
|
+
## Dependencies to Watch
|
|
202
|
+
|
|
203
|
+
Packages that need attention.
|
|
204
|
+
|
|
205
|
+
| Package | Current | Latest | Notes |
|
|
206
|
+
|---------|---------|--------|-------|
|
|
207
|
+
| react | 18.2.0 | 19.0.0 | Major upgrade, breaking changes |
|
|
208
|
+
| prisma | 5.0.0 | 5.8.0 | Security patches available |
|
|
209
|
+
| next | 14.0.0 | 14.1.0 | Recommended update |
|
|
210
|
+
|
|
211
|
+
---
|
|
212
|
+
|
|
213
|
+
## Improvement Opportunities
|
|
214
|
+
|
|
215
|
+
Not bugs, but areas that could be better.
|
|
216
|
+
|
|
217
|
+
| Area | Current State | Ideal State | Effort |
|
|
218
|
+
|------|---------------|-------------|--------|
|
|
219
|
+
| Error messages | Generic | User-friendly with actions | Medium |
|
|
220
|
+
| Loading states | Spinner only | Skeleton screens | Low |
|
|
221
|
+
| Caching | None | Redis for hot data | High |
|
|
222
|
+
|
|
223
|
+
---
|
|
224
|
+
|
|
225
|
+
*Last updated: YYYY-MM-DD*
|